» install_flashplayer14x32_mssd_aaa_aih.exe
Overview
Analysis
File Details
Downloads (1)

install_flashplayer14x32_mssd_aaa_aih.exe

Solid State Networks Corporation Inc

The executable install_flashplayer14x32_mssd_aaa_aih.exe, “Adobe Flash Player Inc” has been detected as malware by 13 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from aihdownload.adobe.com.

File name:

Publisher:

Solid State Networks Corporation Inc

Description:

Adobe Flash Player Inc

Version:

5.4.8.7

MD5:

8bf5d139543f1fb287c68e24e5a0c4c7

SHA-1:

ac503a3bbc7ed45d2e6cb3bf4a76585ebea1e39d

SHA-256:

7134b8e02a65d63f02f71b8fd174a610d6aabcc09ed0a55a4c0da88cc87cd752

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

4/19/2024 12:02:17 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11575343

374

Avira AntiVirus

TR/Crypt.ZPACK.88322

7.11.164.150

avast!

Win32:Dropper-gen [Drp]

2014.9-160126

Bitdefender

Trojan.Generic.11575343

1.0.20.130

Bkav FE

HW32.CDB

1.3.0.4959

F-Secure

Trojan.Generic.11575343

11.2016-26-01_3

G Data

Trojan.Generic.11575343

16.1.24

IKARUS anti.virus

Trojan.Crypt

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.181.12898

MicroWorld eScan

Trojan.Generic.11575343

17.0.0.78

nProtect

Trojan.Generic.11575343

14.07.30.01

Qihoo 360 Security

Win32/Trojan.38b

1.0.0.1015

Trend Micro House Call

Suspicious_GEN.F47V0723

7.2.26

File size:

317 KB (324,608 bytes)

Product version:

5.4.8.7

File type:

Executable application (Win32 EXE)

Language:

Brazilian Portuguese

Common path:

C:\users\{user}\downloads\install_flashplayer14x32_mssd_aaa_aih.exe

File PE Metadata

Compilation timestamp:

7/13/2014 11:19:30 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:g9unTlTauc+vUE20Q44rHmwhQLRYrNrt4B8RHXDN7IKdWqbE8:gQnTjc+vqUNFYxr+8Z1Wh

Entry address:

0x1EE9

Entry point:

E8, 31, 1A, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, D8, 58, 44, 00, 89, 0D, D4, 58, 44, 00, 89, 15, D0, 58, 44, 00, 89, 1D, CC, 58, 44, 00, 89, 35, C8, 58, 44, 00, 89, 3D, C4, 58, 44, 00, 66, 8C, 15, F0, 58, 44, 00, 66, 8C, 0D, E4, 58, 44, 00, 66, 8C, 1D, C0, 58, 44, 00, 66, 8C, 05, BC, 58, 44, 00, 66, 8C, 25, B8, 58, 44, 00, 66, 8C, 2D, B4, 58, 44, 00, 9C, 8F, 05, E8, 58, 44, 00, 8B, 45, 00, A3, DC, 58, 44, 00, 8B, 45, 04, A3, E0, 58, 44, 00, 8D, 45, 08, A3, EC, 58, 44... 
[+]

Code size:

30.5 KB (31,232 bytes)

The file install_flashplayer14x32_mssd_aaa_aih.exe has been seen being distributed by the following URL.

http://aihdownload.adobe.com/deployBinary.php

Remove install_flashplayer14x32_mssd_aaa_aih.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.